Security firm F-Secure is reporting that a new iPhone worm is targeting jailbroken ipnones in the Netherlands. Unlike the first worm, this one is malicious and steals bank login info. More specifically, customers of ING Direct are targeted in this round. If the jailbroken iPhone is SSH enabled with the default password (“alpine”) unchanged, the worm redirects the bank’s customers to a look-a-like site with a log-in screen. The hacker can then use the collected login data to steal money from the bank accounts at a later time. The new worm also has the ability to infect iPhones sharing the same WiFi hotspot. So it is imperative that jailbroken iPhone users should either disable SSH or change the default password to be secure.